CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-30 04:43:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,057 Commits 20 Branches 120 Tags
2950779d9159c39412ed7fc83fceca68402df406
Commit Graph

3456 Commits

Author SHA1 Message Date
Mike Reeves
2950779d91 Fix stralka rule update 2021-01-13 09:57:12 -05:00
m0duspwnens
225ed1c14a change suriloss and zeekloss to be more similar code style 2021-01-12 16:39:19 -05:00
m0duspwnens
6ea1a83afe resolve some issues with the zeekloss script https://github.com/Security-Onion-Solutions/securityonion/issues/2590 2021-01-11 14:10:08 -05:00
Jason Ertel
bc8e200919 Continued retry implementation for salt-key acceptance; improve timestamp coverage in setup 2021-01-10 02:34:46 -05:00
Jason Ertel
63047b4b85 Add retry logic around salt key acceptance during setup 2021-01-10 00:57:43 -05:00
Josh Patterson
d2848b9985 Merge pull request #2561 from Security-Onion-Solutions/automation/so-status 
add description for exit code 99
 2021-01-07 11:24:14 -05:00
m0duspwnens
83e7493691 add description for exit code 99 2021-01-07 11:23:39 -05:00
Josh Patterson
d287dd2412 Merge pull request #2557 from Security-Onion-Solutions/automation/so-status 
Automation/so status
 2021-01-07 09:07:12 -05:00
m0duspwnens
a5735e6654 return 99 if setup is running 2021-01-06 20:14:42 -05:00
m0duspwnens
ae7c0a26be add a quiet mode to so-status for automation testing 2021-01-06 18:46:21 -05:00
weslambert
36ae09ac4a Merge pull request #2545 from Security-Onion-Solutions/fix/wazuh_port_reservation 
Reserve port for Wazuh API and check if port is already in use
 2021-01-06 11:49:23 -05:00
Wes Lambert
875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
Wes Lambert
f2b677bfcb Reserve port for Wazuh API and check if port is already in use 2021-01-06 15:52:10 +00:00
Mike Reeves
1154b533d6 Remove ERSPAN so log doesn't show a warning 2021-01-05 13:56:56 -05:00
Mike Reeves
dc429494ac Merge pull request #2370 from Masaya-A/improve/yum 
Make yum removing unneeded packages
 2021-01-05 09:26:04 -05:00
weslambert
c1e245043e Remove multiple old so-yara-update cron jobs, if needed 2021-01-04 16:29:32 -05:00
weslambert
535820bfa7 Remove old Strelka cron job 2021-01-04 10:18:32 -05:00
Jason Ertel
4b244645ba so-fleet-setup doesn't need an interactive terminal to run, remove 'it' 2020-12-31 10:52:59 -05:00
Jason Ertel
6b81419d38 tcpreplay doesn't need an interactive terminal to run, remove 'it' 2020-12-30 22:02:19 -05:00
Jason Ertel
e167bfed20 Redirect tcpreplay init output to file 2020-12-30 18:48:56 -05:00
Jason Ertel
13f0ddabfc Use manager internal IP for intra-service comms 2020-12-30 12:02:42 -05:00
Jason Ertel
ea5e25c4a5 Monitor interface will not always be bond0 - pull correct value from pillar; Replay test data after automated test installations complete. 2020-12-29 10:34:31 -05:00
William Wernert
e9a6155e44 Merge branch 'dev' into feature/wait-for-apt 2020-12-28 18:26:38 -05:00
Jason Ertel
deb38844ba Correct hive init urls 2020-12-28 16:20:33 -05:00
William Wernert
97466957a7 [fix] Fix text printed to whiptail progress bar 2020-12-28 15:06:03 -05:00
William Wernert
cdb6dfcea0 [fix][wip] Fix whiptail output 2020-12-28 14:55:15 -05:00
William Wernert
5059373485 [fix] Change text printed to whiptail progress bar 2020-12-28 14:43:33 -05:00
William Wernert
af62e64852 [fix] Message changes 2020-12-28 14:40:17 -05:00
William Wernert
5836d22525 [fix] Change text printed to whiptail progress bar 2020-12-28 14:29:03 -05:00
William Wernert
a4239d7fe4 [fix] Clarify why dpkg lock is needed 2020-12-28 14:20:37 -05:00
William Wernert
5bd15b91ea [fix] Message formatting changes 2020-12-28 14:18:43 -05:00
William Wernert
a0533dd6b5 [feat] Increase retry_count, decrease wait time, change wording 2020-12-28 14:17:27 -05:00
William Wernert
f7a60a011b [fix] Message formatting 2020-12-28 14:06:33 -05:00
William Wernert
17160dcdbe [fix] Don't repeat fail message on last attempt 2020-12-28 14:02:46 -05:00
William Wernert
0dd80a664f [fix] Only call progress callback if arg passed 2020-12-28 14:00:09 -05:00
William Wernert
1e0525b1ad [fix] Only call progress callback if arg passed 2020-12-28 13:57:44 -05:00
William Wernert
7050b1fce5 [fix] Don't use same variable for increment and limit 2020-12-28 13:55:03 -05:00
Jason Ertel
7fe0182ede Refactor so-test and so-tcpreplay to be compatible with SO 2.3.20+; Change hive_init and cortex_init to initialize the cortex and fleet services directly on the manager IP instead of attempting to use the public URL 2020-12-28 11:26:56 -05:00
William Wernert
4d1cb37468 [feat] Add function to wait for dpkg lock 2020-12-28 09:35:51 -05:00
Jason Ertel
8f15d794bc Silence curl progress output during hive/cortex init 2020-12-24 08:44:28 -05:00
Jason Ertel
baf5be1a3a Return adequate exit code when init fails; Logs output of init scripts for troubleshooting failed installations 2020-12-23 20:14:46 -05:00
Jason Ertel
9cf150f988 Switch from Jinja syntax to bash 2020-12-23 15:11:43 -05:00
Jason Ertel
2d44b69e8d Refactor hive and cortex init to use wait loops instead of hardcoded sleeps 2020-12-23 12:12:38 -05:00
Jason Ertel
aa5c0a7351 Clarify prompt instructions for so-elastalert-test 2020-12-23 09:37:44 -05:00
Jason Ertel
eef1f49d09 Corrected cortex_init process which was incorrectly attempting to access ES via the external URL; Removing 1-2 minute sleeps during init to see if those are no longer needed 2020-12-22 22:56:01 -05:00
Jason Ertel
cfe5019f51 Add firewall listhogroups and listportgroups commands; Change AMI test defaults to use a custom hostname for cypress access 2020-12-22 17:59:59 -05:00
Wes Lambert
ac96ded2dc Support setting rule repos via pillar 2020-12-22 15:36:15 +00:00
weslambert
def08895d5 Merge pull request #2393 from Security-Onion-Solutions/fix/strelka_filestream 
Fix/strelka filestream
 2020-12-18 15:48:54 -05:00
weslambert
2fee2ca143 Change identifier name to be more descriptive 2020-12-18 15:40:54 -05:00
weslambert
7453626b06 Add identifier 2020-12-18 15:39:52 -05:00